Blog

App On Android, iOS Uploads Your Contacts Without Permission

If you spend any time at all on social media, you may have heard a lot of recent buzz about an app for both Android and iOS devices called “Sarahah,” which was developed by a Saudi developer.

In Arabic, the word means “honesty,” and the app’s stated purpose is to give users a platform to receive honest, anonymous feedback to help them improve.

Unfortunately, the app itself isn’t all that honest. Unbeknownst to those who install it, it makes a copy of their contacts lists and uploads them to the company’s server.

According to the developer, the reason for this behavior was that they had planned to roll out a “Find Your Friends” feature, and the contacts data was to be used to cross reference with the app’s database of user names. Unfortunately, again according to the developer, an unspecified technical difficulty delayed implementation of that feature indefinitely.

If that sounds like a flimsy excuse to you, you’re not alone, and the discovery has raised the eyebrows of privacy and security experts alike. Unfortunately, there’s not much to be done about it except uninstall the app, but even then, they’ve already got your contact list, so there’s nothing to be done on that front.

This is just a bad business for a legitimate app developer to be in. If they wanted to collect that information, then they should have at the very least let their users know that it was happening, and even better, provided a means of opting out of the collection of that data.

The fact that they did neither of those things, and provided what is, by all appearances, an incredibly flimsy excuse as a response when caught, certainly paints them in a bad light, even if they didn’t have any nefarious intentions.

In any case, be warned. If you use the app, just know that it’s not being honest about the data it’s collecting, regardless of the name of the program.